This action might not be possible to undo. Are you sure you want to continue?
On October 15, 2008, the Georgia Tech Information Security Center (GTISC) hosted its annual summit on emerging security threats and countermeasures affecting the digital world. At the conclusion of the event, GTISC released this Emerging Cyber Threats Report—outlining the top five information security threats and challenges facing both consumer and business users in 2009. This year’s summit participants include security experts from the public sector, private enterprise and academia, reinforcing GTISC’s collaborative approach to addressing information security technology and policy challenges. “As one of the leading academic research centers focused on information security, GTISC believes strongly that a proactive and collaborative approach to understanding emerging threats will help us develop more effective information security technologies and strategies,” said Mustaque Ahamad, director of GTISC. “The annual GTISC Security Summit on Emerging Cyber Security Threats and our annual Emerging Cyber Threats Report seek to give us a better understanding of the cyber security challenges we will face in the years ahead.” GTISC research and advance interviews with key information security experts from government, industry and academia uncovered five specific trends and some profound questions that will drive threats and countermeasures in 2009 and beyond, including:
Emerging Cyber Threats Report for 2009
Malware Botnets Cyber warfare Threats to VoIP and mobile devices The evolving cyber crime economy
In an effort to inform the broader community about current and future risks, this report will describe each emerging threat, existing or potential countermeasures, and how the threat may evolve in the coming year. In addition, our experts will offer their opinion on the role that Internet security education and regulation may play in further preventing the spread of cyber crime.
“We are projecting a 10-fold increase in malware objects detected in 2008.” said Naraine. In the coming year. GTISC and other security experts also expect more targeted spear-phishing vehicles to install malware and/or steal data. “This is ‘hockey-stick’ growth driven by identity theft and data-focused cyber crime.” said Naraine. “The email lures. For example: Attackers might target customers of a local credit union with a spoofed email referencing a local news story of interest.000 on July's figures and points to a significant increase in the number of in-the-wild threats. Adobe and Apple all do this. and then sees a prompt to install the latest version of Flash Player in order to watch the video clip. beginning with malware. Kaspersky Lab. believes that malware delivery—the first step in creating a bot—will become more insidious by taking advantage of poorly configured Web sites. A total of 28940 different malicious and potentially unwanted programs were detected on users’ computers in August.” On the bright side. And Heron expects data to drive cyber attacks for years to come.Security Evangelist. the enticements and the personalization of malware attacks are getting much better. “It takes the average corporation two to three months to apply a Windows patch across all devices. Social engineering attacks on social networks are beginning to explode and will only get worse.” said Naraine. the malware is installed and can log keystrokes and mine other personal data to be sent back to a malicious bot master or cyber criminal. mobile threats or cyber warfare attacks. so malware and botnets will continue to take advantage of known vulnerabilities within enterprise environments. “It’s all about the data. 2008 Emerging threats for 2009…all data-driven! Data will continue to be the primary motive behind future cyber crime—whether targeting traditional fixed computing or mobile applications. but actually installs a piece of malware on the machine. many software vendors are now shipping auto-patch/update capability with each new software release. And Naraine believes that Microsoft operating system security has improved with each successive release. security evangelist for Kaspersky.Emerging Cyber Threats Report for 2009 Georgia Tech Information Security Center • October 15. “When you have nearly 100 percent of users standardized on a single application. they are learning how to localize and personalize their attacks for better penetration. and the bad guys know this. When customers click the bogus link in the email. Naraine’s research indicates that some of the largest botnets are comprised of corporate machines. Naraine cited computing mono-cultures and slow or non-existent desktop application patching as fueling the malware/botnet crisis. Americas 1 . it means that a single point of security failure can lead to infection of an entire computing ecosystem. http://www. Firefox. The recipient clicks on the link supposedly sent by his/her friend. malware.” whether botnets. Facebook and others will likely be used as delivery mechanisms to get unsuspecting users to a malicious Web site link in order to deliver malware. As cyber criminals move beyond mass-distribution style phishing scams. Malware Ryan Naraine.” Ryan Naraine .com/news?id=207575678 “We are so conditioned to click on links. According to security expert George Heron. That is an increase of more than 8. For example: A Facebook message sent from one friend to another includes a link to a YouTube video of interest to the recipient.kaspersky. The data motive is woven through all five emerging threat categories. The auto-update features help both corporate and consumer end users stay up to date with patches—which eliminates a lot of “low-hanging fruit” for the cyber crime community.” Naraine expects criminal senders to use better social engineering techniques to cloak malcode in what appears to be legitimate email with acceptable Web links. effectively involving the computer in a botnet. social networking sites and false domains. blended threats. Social networking sites like MySpace. The user clicks to install the update.
botnets have become worse—a trend expected to continue next year. the bot communicates to a “command and control” server and waits for a response. http://www. bots become bot armies that harness considerable computing power to engage in a variety of malicious activities. Most botnet command and control sites can be traced back to China2. groups of computers infected with malicious code and unknowingly controlled by a malicious master. botnets are growing at a faster rate.2 2 .1 6. The communication—using the command and control server as an intermediary—can keep the malicious bot master’s identity hidden. an associate professor at GTISC and a leading botnet researcher. The updates enable new bot communication and malicious capabilities. credit card information. This year. 1 2 A bot actually remains on the machine.1 4.” said Lee. simply rendering a Web page can launch a botnet exploit Bots can be delivered to a machine in a variety of ways— via Trojans. But Lee cautions that this statistic could be misinterpreted because "a lot of Chinese are using http://www.” Bot communications are designed to look like normal (Web) traffic using accepted ports.” said Wenke Lee.” Prompted to act in unison.) — Denial of service attacks — Spam delivery — DNS server spoofing According to a report compiled by Panda Labs. GTISC researchers estimate that botnet-affected machines may comprise 15 percent of online computers. emails. Leading industry analysts predict this number to be even higher. “It’s very difficult to filter bot traffic at the network edge since it uses http and every enterprise allows http traffic. and can update itself based on those communications.darkreading. 2008 Botnets In 2008. an unauthorized instant message client or an infected Web site. so even firewalls and intrusion prevention systems have a hard time isolating bot messages.pdf Botnets Continue to Grow and Transform Bot Army Name RAT-SZ-1 Sality-1 IRC-VR-1 IRC-SD-1 Poebot-1 RAT-DL-1 Metcash-1 IRC-SD-2 RAT-SM-1 Kraken Number of Binaries 10.com/document. maintains a command and control mechanism to enable communication with the bot master.Emerging Cyber Threats Report for 2009 Georgia Tech Information Security Center • October 15. GTISC estimated in last year’s report that 10 percent of online computers were part of botnets.2 10. trade secrets.493 886 804 541 369 212 194 139 54 48 Distinct Compromised Hosts in Typical Enterprise 155 18 75 11 2 14 47 21 4 301 Distinct Binaries per Compromise 67. Damballa continues to discover that 3-5 percent of enterprise assets are compromised on average by targeted threats such as bots—even in the presence of the best and most up-to-date security. and are often used to avoid detection. “But traditional malware is a single-purpose attack. including: — Data theft (social security numbers.6 13. etc. Periodically. Lee cites three unavoidable factors that are spurring botnet growth: • Infection can occur even through legitimate Web sites • Bot exploits/malware delivery mechanisms are gaining sophistication and better obfuscation techniques • Users do not have to do anything to become infected. Lee agreed.5 0.7 40.asp?doc_id=161524 Source: Damaballa. Lee points out the distinction between botnets and malware: “What we think of as malware can be responsible for turning a machine into a bot.7 49. Once installed. bots lie low to avoid notice by antivirus and anti-spyware technology.5 15. in 2Q 2008.com/downloads/press/GartnerITSecSummit_Q2Research_PRFINAL_2008-06-02_. 10 million bot computers were used to distribute spam and malware across the Internet each day1.2 184.damballa. “Compared with viruses and spam.
Lee’s research also examines how botnets use the Internet infrastructure. traffic routed through Turkey was almost completely blocked. 3 .Emerging Cyber Threats Report for 2009 Georgia Tech Information Security Center • October 15. or type of information uploaded/ downloaded can indicate a botnet command and control attempt. global sensor networks are now using specialized algorithms to pinpoint bot army communications. the bot army threat can be neutralized as long as layered security is already in place. new technologies can pinpoint the Internet communications between botnets and bot masters and shut down the vital links required for cyber crime and cyber warfare. director of threat intelligence for SecureWorks. Cyber Warfare Security experts consulted by GTISC believe cyber warfare will accompany traditional military interaction more often in the years ahead. Source of Russian cyber attacks against Georgia: • The vast majority of Georgian Internet traffic is routed through Turkey and Russia. Petersburg government. 2008. time of day. For example. In addtion. • The Moscow-based COMSTAR network also cooperated with government demands to follow suit. economy and infrastructure. Lee’s research team at GTISC is developing algorithms to analyze traffic patterns from internal machines to outside machines. tactics and target lists as attacks from portions of Turkish networks controlled by former associates of the Russian Business Network (RBN). Consider the cyber attacks that occurred between Russia and Georgia earlier this year as a model for military cyber engagements in 2009 and beyond. Signature-based defenses like antivirus and intrusion detection are no match for the subtle communications between bot and bot master. However. • DDoS and cache poisoning attempts targeting DNS servers for major Georgian networks were also launched from the state-operated Rostelecom and Moscow-based COMSTAR networks. several recent bot variants have exhibited more than 100 distinct binary payloads used to hide the communications path and to vary the command and control IP address. • Both cyber attack targets (media outlets and local government communication systems) and air force targets were located in the Georgian city of Gori. compiled the following research to implicate direct Russian government involvement in cyber attacks against Georgia: Physical and cyber attack targets and timing align: • Logs of DDoS traffic and changes in network routing indicate that Russian cyber warfare operations coincided almost exactly with the final “all clear” for Russian Air Force attacks sometime between 0600 and 0700 on August 9. The net effect makes botnets and bot masters harder to track.” Botnets en masse are considered a bot army and these malicious computing forces may be used to conduct cyber warfare in the future. As of August 10. look-up requests to DNS servers might provide information on which domain is used for botnet communications. • The exact timing of cyber attacks against new classes of targets in Gori and Russian Air Force attacks indicated coordination between known hacking groups and military operators. These attempts utilized the same tools. Once the command and control links are found and disrupted. Strange anomalies in connection duration. • Russian government-run Rostelecom conducted most of the routing changes that blocked traffic to Georgian IP address space. and IP traffic through Russia (via Azerbaijan) was slow and effectively unusable. “That means many Chinese computers are rife with vulnerabilities. They expect it will also play a more shadowy role in attempts by antagonist nations to subvert the U. 2008. the former powerbase of Putin and those now in charge of the FSB state security organization.S. But newer behavior analysis techniques can help identify bots without signatures. researchers observed: — Route hijacking — Brute force server compromise — Data theft — Multi-factor DDoS attacking network and application layers — Defacement and hosting of fake Georgian Web pages containing misinformation and propaganda. 2008 pirated software which doesn’t receive security updates. Attack types: • In addition to DDoS attacks against Georgian media outlets and government Web sites. Don Jackson.” According to Lee. The associates are believed to have connections to local St. According to Lee’s research at GTISC. In addition. making them a haven for botnet command and control sites. bot payloads are becoming increasingly complex to avoid evolving security measures. as did other network operators that control routing through the ostensibly neutral Moscow Internet Exchange (MSK-IX).
S. Feb. VoIP technology also continues to improve and will rival landline and mobile communications in terms of reliability and call quality. where accessing the Internet from a mobile device can provide a better experience than traditional fixed computing. When voice is digitized. http://www. “We now know that it only takes infiltrating the DNS operator vulnerability to subvert an entire DNS sector. chief technology officer for SecureWorks attributes increasing cyber warfare activity to the following: • The low cost to launch cyber attacks compared with physical attacks • The lack of cyber defenses • The “plausible deniability” the Internet affords • The lack of “cyber rules of engagement” in conflicts between nation states George Heron.” said Heron. 29.Founder. “Other evidence supports this. and system intrusions originated from sources not previously affiliated with known hacking groups and appear to have been coordinated in a manner that would allow attackers to disable or intercept Georgian government communications in accordance with Russian military and intelligence objectives. remote code execution and botnets all apply to VoIP networks. Cyber Storm II Stirring.. 2008. route hijacking. As Internet telephony and mobile computing handle more and more data. From the outset.” said Heron. vulnerability identification and remediation.html “The future threat goes beyond what we think of as cyber-espionage and intellectual property theft. cyber defenses: • Identify the Internet-enabled systems we depend on and also the interdependencies between them. and will become more problematic for mobile devices as well. network enhancements and new technologies like mobile communications gain traction. and there are interdependencies between them that our enemies will seek to exploit. • Develop a comprehensive plan to protect those systems. 2008 Some DDoS attacks. Schmidt.fcw. “Cyber warfare efforts could take this approach to exploit vulnerable servers and gateways controlling the power grid or water/dam flow control.” Heron pointed to the U. along with malware and other disruptive threats. government is already bracing for the inevitability of cyber warfare and hosted the second annual Cyber Storm exercise in March 2008—involving nine states.com/online/news/151806-1. data theft and other scams—similar to the problems email has experienced. founder of BlueFin Security and former chief scientist for McAfee believes cyber warfare will play a significant role between China and the U.” said Schmidt.S. VoIP infrastructure has been vulnerable to the same types of attacks that plague other networked computing architectures.” Schmidt advocates a three-step approach to bolstering U. Cyber criminals will be drawn to the VoIP medium to engage in voice fraud. including roles and responsibilities.” The U. “I think we’re going to see more technologically savvy. compressed into packets and exchanged over IP networks. • Design information security for the future as software improvements.” George Heron . encoded. they will become more frequent targets of cyber crime. state-sponsored attacks to the IT systems that support foundational services here in the U.” Heron continued.S. transportation system infrastructure. although that certainly remains a factor. the water supply IT infrastructure and other entities as prime cyber targets of enemy nations. “Cyber threats originating from China are very real and growing. threat mitigation and response.S. BlueFin Security Threats to VoIP and Mobile Convergence The cell phone is becoming an entirely new tool— especially outside the U. “Cyber Storm II is a successful instance of public and private partnership to identify cyber warfare threats and plan effective countermeasures. “We need more information sharing and more collaboration like this to defend our national interests against an onslaught of cyber terrorism.S.Emerging Cyber Threats Report for 2009 Georgia Tech Information Security Center • October 15. four foreign governments. a GTISC professor of practice agrees.S. “Criminals know that VoIP can be used in scams to steal personal and financial data so voice spam and voice phishing are not going away” said Tom 4 . Denial of service. “Our critical infrastructure systems are fundamentally dependent on the Internet and IP-based technology. such as the majority of bot masters being traced back to China. 18 federal agencies and 40 private companies in a weeklong cyber attack scenario3.” said Heron. the telecommunications system. “Cyber warfare completely evens the playing field as developing nations and large nations with a formidable military presence can both launch equally damaging attacks over the Web.” 3 Howard A. Source: Federal Computer Week. nuclear energy plant communications. it is susceptible to misuse. Jon Ramsey.
X-Force Researcher. According to Traynor.” said Cross.” Traynor pointed to battery power as a primary security hurdle. people use their cell phones at vending machines and subway token dispensers.” Tom Cross . carriers and application developers. And where phone service is concerned. vice president of security investigations for Equifax also sees the security challenges presented by mobile computing. they will become a more attractive target. mobile device capability is far ahead of security.” said Cross.” said Amster. “Current research efforts at university-based centers like GTISC are studying how reputation networks based on inherited trust could be applied to VoIP to prevent voice fraud. But because the mobile communications field is evolving so quickly. “If you place antivirus software on a mobile device. payment card information and more.” said Traynor.” Patrick Traynor. “The short life cycle of mobile devices gives manufacturers. “Denial of service will also continue to be a significant threat to VoIP. 2008 Cross. “Financial motivation and increased adoption will increase attacks to smartphones in the years to come. it is not going to be an easy problem to solve. School of Computer Science at Georgia Tech. discussed the concept of the “digital wallet.” Dave Amster. At the same time. an assistant professor in the School of Computer Science at Georgia Tech and a member of GTISC. “malware will be injected onto cell phones to turn them into bots.Emerging Cyber Threats Report for 2009 Georgia Tech Information Security Center • October 15. When it comes to the mobile experience. Now in addition to business users. customers will demand better availability from phone service than they would from an ISP. users have a different mentality about sharing personal information and a higher expectation of quality. Already in Japan. so mobile security will require new approaches and partnerships between manufacturers. “We’ll start to see the botnet problem infiltrate the mobile world in 2009. along with endpoint security for Session Initiated Protocol (SIP) phones and other VoIP devices. We expect some cyber criminals to attempt to blackmail carriers based on a DoS attack scenario. On the bright side.” Traynor pointed out that most people buy a new mobile device every two years—a much shorter life cycle than the typical PC and Windows installation. I’m somewhat surprised that there haven’t been more attacks to date. If a large number of VoIP phones become infected by malware and flood a network with traffic. “While exploits targeting the iPhone have circulated publicly. the results could be extremely disruptive.Assistant Professor. it presents a unique opportunity to design security properly—an opportunity we missed with the PC. and voice spam and phishing are blocked. the iPhone has dramatically changed the perception of what mobile devices can do. developers and the security community an opportunity to learn what works from a security standpoint and apply it to devices and applications more quickly.a researcher with the IBM Internet Security Systems X-Force team. and member of the Georgia Tech Information Security Center 5 . Cross believes the IT and telecom communities have learned valuable security lessons from the spam and phishing problems that have plagued the Simple Mail Transfer Protocol (SMTP). “VoIP providers and users want to avoid the spam crisis that has inundated email. They both cited Google’s Android platform for mobile applications as a step in the right direction.” said Traynor. As more payment infrastructure gets placed on these devices.” said Cross.” in which smartphones store personal identity. large telecom companies in Europe are now servicing customers with VoIP. Large cellular botnets could then be used to perpetrate a DoS attack against the core of the cellular network. over the phone while interacting with voice response systems. Android “Most people have been trained to enter social security numbers. “However. etc. “More and more financial transactions will take place over mobile devices.” Cross also cited the need for intrusion prevention systems at the VoIP carrier level. and who is using them. “Criminals will exploit this social conditioning to perpetrate voice phishing and identity theft. consumers are more likely to want the advanced capabilities of a smartphone for everything from mobile banking to iTunes access.” Researchers like Traynor and Cross expect open standards for handset security to gain more ground in 2009. which puts valuable information at risk. it will run the battery down. so the threat of a DoS attack might compel carriers to pay out on a blackmail scam. bank account numbers. “Consumers are ordering credit reports from their Blackberrys. good security reputations will improve VoIP peering and call ranking so that legitimate calls get through.” According to Cross. In this type of system. credit card numbers. The challenge for businesses and banks is going to be maintaining secure mobile applications and ease of use at the same time.” Patrick Traynor . IBM Internet Security Systems “At this point. which is closer to 10 years.
While the decentralized and open nature of the Internet can be extremely positive characteristics.” You can buy. the cyber crime MSPs saw a business opportunity. 6 . “The Web-based attack platforms come in a variety of packages and are available for lease. man-in-thebrowser proxy engines for identity theft. All of these trends are expected to evolve further in the coming year. purchase or any payment model in between. feeding gains back into existing money laundering chains. builtin Web services for hosting phishing content. The managed service approach basically extends the functionality of a malware purchase. which are much more sophisticated than their predecessors. subscribe and even pay-as-you-go to obtain the latest malware kits. The evolving cyber crime economy Sources of cyber crime will become increasingly organized and profit-driven in the years ahead. “Malware transitioned to the criminal world just over three years ago. As CAPTCHA systems were continuously broken by attackers and then subsequently strengthened against compromise. IBM Internet Security Systems Expert opinion on Internet security education and regulation Members of the security community have been engaged in debate over responsibility for security education and potential regulatory schemes to govern online behavior. and provide an extensible API structure for easy integration into malware. “The new sophisticated malware-for-sale features encrypted command and control channels. New Web-based attack platforms have been developed in tandem so that social engineering and end-user action are no longer required for exploitation.Chief Security Strategist. manufacturers and application developers. A few malware developers are even offering multiple language “customer support” in order to reach a wider audience of criminals. • Top-tier managed service providers that wrap new services around malware kits to increase propagation and enable organized fraud on a global scale.” Ollmann reports that several malware kits are supported by product guarantees and service level agreements.Emerging Cyber Threats Report for 2009 Georgia Tech Information Security Center • October 15. CAPTCHAs are used to prevent brute-force attacks and fraudulent account creation on Web sites and require end users to correctly enter a string of characters and login details before access is granted. lease. 2008 makes the mobile application development environment publicly available so that it becomes easier for application developers to apply security to programs designed for smartphones. malicious criminals are threatening the very foundations of the Internet.000 CAPTCHAs broken. “The managed service operators provide cheap human labor to battle through CAPTCHAs. Traynor and Cross also support a layered approach to security on mobile devices that encompasses carriers.” said Ollmann. Some of the MSPs charge on a per-click basis just like Web advertising.” said Ollmann.” said Ollmann. “And for those criminals that don’t want to host their attack platforms. • Skilled developers and collectives of technical experts creating new components to embed within their commercial malware creation kits. One malicious managed service model revolves around breaking CAPTCHAs (CompletelyAutomated Public Turing test to tell Computers and Humans Apart). "These predominantly Russian-operated entities offer pay scales starting at $1 per 1.” Gunter Ollmann . along with drive scanners for capturing sellable data like email addresses and credit card details. This combined approach will continue in the future.” Ollmann divides the cyber criminal industry into three tiers: • Low-level criminals who use kits to create the specific malware required for their targeted crimes. He warns of a tough road ahead in the battle against malware. managed service providers have emerged to rent existing installations for global malware delivery. The conversation may only become more heated in 2009. chief security strategist for IBM Internet Security Systems describes today’s (and tomorrow’s) cyber criminals as “an international conglomerate of professionally trained authors motivated by high profit. Gunter Ollmann.
“The same is true of a PC running Windows 98 and Internet Explorer 3 without any meaningful AV or firewall protection. and the security industry has never spoken with one voice. but still don’t think the Internet as a whole is safe. 2008 Michael Barrett. any government involvement should not inhibit innovation or investment. the chief information officer for PayPal frames the debate in concrete terms. then we all lose.Emerging Cyber Threats Report for 2009 Georgia Tech Information Security Center • October 15. we should also expect more from the security industry in terms of viable solutions. fine. Mosaic 1.” he said.” Barrett was also quick to point out his optimism when it comes to security.” Michael Barrett .” said Ahamad. Perhaps we need a similar mandate for keeping security protection up-to-date.Chief Information Security Officer. we’ve had no formal education about safe behavior on the Internet.” “If you own a dangerous old jalopy that can’t pass emission standards and you want to drive it around your private 10-acre field. PayPal 7 . the astounding growth of online users. that’s fine. But once it does.0 was released and the Internet as we know it was born. It could be supported with a tax credit for businesses that make the grade. But phishing and e-crime losses may compel interested parties to action. “The government should establish a regulatory construct for assessing the state of security and setting minimum standards of security for entities that are part of our critical infrastructure. Most importantly. “The goal would be to identify deficiencies and assess certain sectors with a security grade.000 people were using the Web. you become a threat to others. And if we can teach end users some simple rules.” said Barrett.” said Jon Ramsey of SecureWorks. it could follow the model of road and airline safety… “We can even draw comparisons between car insurance and antivirus software. end users and government boundaries. Schmidt believes the government should play a role in security regulation for cyber defense. “Although we can argue that end users could do more to protect themselves and the online community.” Mustaque Ahamad. “I believe phishing is a completely preventable crime when you combine technology with education. who believes that voluntary car insurance penetration would be about the same as antivirus software. Today. Yet despite this explosive growth.” Barrett believes a robust debate will go on for the next few years between public and private entities about how best to protect the Internet ecosystem.” With a focus on preventing phishing emails from arriving in the inbox.” said Barrett. That’s why GTISC research and the public/private collaboration it promotes is so important to finding solutions to the threats of the future. So what would Internet security regulation look like? According to Barrett. education and personal responsibility. “Even if customers are confident in PayPal’s security. the difficulty in establishing trusted identity online and the lack of standardization around protection all contribute to the challenge of developing a regulatory scheme.” he said. “Technology is one piece of the puzzle. the director of GTISC.” said Barrett. “Our anti-phishing efforts with Yahoo over a 10 month period prevented more than 85 million phishing emails from ever reaching the intended victim. “Most people buy car insurance because it is mandated by the government. Back then about 1.” he said. “The problem is bigger than industry. it can become infected and in turn be used to compromise more machines. regulation is another and user education is the final hurdle. it will have a big impact. “I think we have about 10 years to figure out how to structure Internet security principles and regulation before the problem of online fraud and cyber crime completely gets away from us. “Just 15 years ago. But as soon as you take that unsafe car out onto the public road. Howard A. supports a combination of security awareness. there are more than one billion active Internet users. The borderless nature of the Internet. If that machine never connects to the Internet.” “We can think of security as the environment of the Internet and cyber crime as the pollution that could effectively kill it. When the major ISPs see an email supposedly from PayPal—but without the proper DKIM or SPF signature—they block it. PayPal now uses DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) to sign its customer emails.
IBM Internet Security Systems Chief Technology Officer. SecureWorks Doctoral Student. BlueFin Security Director of Threat Intelligence. Georgia Tech Information Security Center Associate Professor. IBM Internet Security Systems Founder. Georgia Tech Information Security Center Security Evangelist. Georgia Tech Information Security Center Assistant Professor. Americas Chief Security Strategist. Schmidt Patrick Traynor . Equifax Chief Information Security Officer. PayPal X-Force Researcher. SecureWorks Professor of Practice. Kaspersky Lab. and member of the Georgia Tech Information Security Center Michael Barrett Tom Cross George Heron Don Jackson Jeff King Wenke Lee Ryan Naraine Gunter Ollmann Jon Ramsey Howard A.GTISC Emerging Cyber Threats Report Contributors Mustaque Ahamad Dave Amster Director of the Georgia Tech Information Security Center Vice President of Security Investigations. School of Computer Science at Georgia Tech.
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue reading from where you left off, or restart the preview.